PT-2013-4672 · Oracle · Oracle Web Cache+1

Published

2013-10-16

Updated

2013-10-24

CVE-2013-3836

CVSS v2.0

3.5

Low

Vector

AV:N/AC:M/Au:S/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Oracle Fusion Middleware versions 11.1.1.6 through 11.1.1.7

Description The issue affects confidentiality and is related to ESI/Partial Page Caching in the Oracle Web Cache component. It can be exploited by remote authenticated users.

Recommendations For versions 11.1.1.6 and 11.1.1.7, consider restricting access to the Oracle Web Cache component until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2013-3836

Affected Products

Oracle Fusion Middleware

Oracle Web Cache

PT-2013-4672 · Oracle · Oracle Web Cache+1

CVE-2013-3836

Related Identifiers

Affected Products

References · 4